RSA recently sent a notification to a limited number of customers, partners and vendors explaining that RSA identified unauthorized access to two RSA Microsoft email accounts that occurred between October 29, 2024 and November 3, 2024. The incident was fully contained on November 4, 2024 and is still being actively evaluated.
 

During the event, an external actor had visibility into two RSA employee’s email boxes and sent a malicious OneNote file link to some of the employee’s contacts. This unauthorized access has been removed and the OneNote file has been deleted.
 

RSA has informed the employees’ contacts of this incident. We take the protection and privacy of our customers, partners and vendors very seriously and will continue to update them if our analysis reveals any significant new information.
 

Aside from improper access to 2 e-mail accounts, which resulted from a phishing attack, after a thorough review over the past week, RSA has no indication of any access to other RSA systems and services. RSA continues to work with our internal security team, Security Operations Center and Microsoft to monitor for and prevent unauthorized use of our email system.
 

For further information, please contact security@rsa.com.